# Probe for /opt/fog/.fogsettings, the same path the installer task declares
# via `creates`. Its presence is treated as the "already installed" marker
# and is read by the upgrade task that follows.
- name: Check if FOG is already installed
  register: fog_installed
  ansible.builtin.stat:
    path: /opt/fog/.fogsettings

# Full package upgrade, but only on hosts where FOG is not installed yet.
# Once the marker file exists this task is skipped, so routine security
# patching of an installed server has to come from somewhere else.
- name: Upgrade system before FOG server install
  when: not fog_installed.stat.exists
  ansible.builtin.dnf:
    state: latest  # noqa: package-latest
    name: "*"

# git is required by the clone task. Installed on every run; unlike the
# system upgrade it is not gated on the FOG install marker.
- name: Install git
  ansible.builtin.dnf:
    state: present
    name: git

# SECURITY: switches SELinux to permissive for the targeted policy, both for
# the running system and persistently. From here on policy denials are only
# logged, not enforced. The task has no `when`, so it applies on every run.
# NOTE(review): presumably a requirement of the FOG installer - confirm for
# the FOG version being deployed, and keep watching AVC denials in the audit
# log, since they no longer block anything.
- name: Set SELinux to permissive and make it persistent
  ansible.posix.selinux:
    state: permissive
    policy: targeted

# Parent directory of the checkout whose installer script is executed later.
# Mode 0755 keeps it non-writable for group and other; owner and group are
# not set here, so whatever already owns the directory is kept.
- name: Ensure parent source directory exists
  ansible.builtin.file:
    state: directory
    path: /usr/local/src
    mode: "0755"

# Fetch the FOG sources over HTTPS. The ref comes from fog.version and falls
# back to 'stable' when that key is absent.
# SECURITY: with `update: true` a moving ref (such as a branch) is re-fetched
# on every run, and the installer task executes code from this checkout. Set
# fog.version to a release tag or, better, a full commit SHA so the code that
# runs is the code that was reviewed.
# NOTE(review): the default filter only covers a missing `version` key; an
# entirely undefined `fog` variable presumably fails templating - confirm
# that the role defaults define it.
- name: Clone FOG at specified version
  ansible.builtin.git:
    dest: /usr/local/src/fogproject
    repo: https://github.com/FOGProject/fogproject.git
    update: true
    version: "{{ fog.version | default('stable') }}"

# First-time unattended install. `creates` makes Ansible skip this task once
# /opt/fog/.fogsettings exists, so the installer is not run again.
# SECURITY: this executes installfog.sh straight from the git checkout in
# /usr/local/src/fogproject, so trust in this step equals trust in the ref
# that was cloned there.
# NOTE(review): -Y presumably auto-accepts the installer's prompts and
# defaults; confirm which defaults (including any initial credentials) it
# leaves in place and rotate them after the run.
- name: Run FOG installer first time
  ansible.builtin.command:
    cmd: ./installfog.sh -Y
    chdir: /usr/local/src/fogproject/bin
    creates: /opt/fog/.fogsettings

# Create the `admin` zone in firewalld's permanent configuration. With only
# `permanent: true` set, the zone is not part of the running firewall until
# the reload task further down.
# Guarded like every firewall task visible in this file: it runs only when a
# `firewalld` variable is defined and its type is 'complex'. Otherwise these
# tasks leave the host firewall untouched.
- name: Create admin zone
  when:
    - firewalld is defined
    - firewalld.type == 'complex'
  register: admin_zone
  ansible.posix.firewalld:
    permanent: true
    state: present
    zone: admin

# Create the `fog` zone in firewalld's permanent configuration; the result is
# registered so the reload task can tell whether a zone was just added.
# Runs only when `firewalld` is defined and its type is 'complex'.
- name: Create fog zone
  when:
    - firewalld is defined
    - firewalld.type == 'complex'
  register: fog_zone
  ansible.posix.firewalld:
    permanent: true
    state: present
    zone: fog

# Load newly created zones into the running firewall so the tasks that use
# `immediate: true` can reference them. Runs only when at least one of the
# two zone-creation tasks reported a change.
# A reload re-applies the permanent configuration, so runtime-only rules that
# were added by hand on the host are dropped at this point.
- name: Reload firewalld if zones were created
  when:
    - firewalld is defined
    - firewalld.type == 'complex'
    - admin_zone.changed or fog_zone.changed
  changed_when: true
  ansible.builtin.command:
    cmd: firewall-cmd --reload

# Traffic whose source address matches firewalld.zones.admin.source is
# handled by the `admin` zone, in both the permanent and running config.
# SECURITY: keep this value to the narrowest management address or CIDR; a
# broad source exposes every service allowed in the admin zone to all
# matching clients.
# NOTE(review): there is no default filter on the value, so a missing key
# presumably fails the task instead of binding nothing - confirm.
- name: Bind admin source to admin zone
  when:
    - firewalld is defined
    - firewalld.type == 'complex'
  ansible.posix.firewalld:
    zone: admin
    state: enabled
    source: "{{ firewalld.zones.admin.source }}"
    immediate: true
    permanent: true

# Attach the interface named in firewalld.zones.fog.interface to the `fog`
# zone, in both the permanent and running config. Everything arriving on
# that interface is then filtered by the fog zone's services and ports.
# NOTE(review): presumably this is the dedicated imaging/PXE network
# interface - confirm it is not also the host's general-purpose uplink.
- name: Bind fog interface to fog zone
  when:
    - firewalld is defined
    - firewalld.type == 'complex'
  ansible.posix.firewalld:
    zone: fog
    state: enabled
    interface: "{{ firewalld.zones.fog.interface }}"
    immediate: true
    permanent: true

# Enable each firewalld service listed in firewalld.zones.admin.services for
# the `admin` zone. A missing list defaults to [], so nothing is opened.
# SECURITY: every entry becomes reachable from the admin source; keep the
# list to what administrators actually need.
- name: Allow admin services
  when:
    - firewalld is defined
    - firewalld.type == 'complex'
  loop: "{{ firewalld.zones.admin.services | default([]) }}"
  ansible.posix.firewalld:
    zone: admin
    state: enabled
    service: "{{ item }}"
    immediate: true
    permanent: true

# Enable each firewalld service listed in firewalld.zones.fog.services for
# the `fog` zone. A missing list defaults to [], so nothing is opened.
# SECURITY: these services are exposed to every client on the fog interface;
# review the list against what the imaging workflow really uses.
- name: Allow fog services
  when:
    - firewalld is defined
    - firewalld.type == 'complex'
  loop: "{{ firewalld.zones.fog.services | default([]) }}"
  ansible.posix.firewalld:
    zone: fog
    state: enabled
    service: "{{ item }}"
    immediate: true
    permanent: true

# Open each entry of firewalld.zones.fog.ports in the `fog` zone. The module
# expects PORT/PROTOCOL (or a PORT-PORT/PROTOCOL range) per entry; a missing
# list defaults to [], so nothing is opened.
# SECURITY: prefer narrow, explicit ports over wide ranges - every entry is
# reachable from the whole fog interface.
- name: Allow fog ports
  when:
    - firewalld is defined
    - firewalld.type == 'complex'
  loop: "{{ firewalld.zones.fog.ports | default([]) }}"
  ansible.posix.firewalld:
    zone: fog
    state: enabled
    port: "{{ item }}"
    immediate: true
    permanent: true